moar
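--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi1.pml
@@ -0,0 +1,143 @@
+mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+int pids[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+#define EndState -1
+
+#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
+#define leftEstablished (state[0] == EstState)
+#define rightEstablished (state[1] == EstState)
+#define leftClosed (state[0] == ClosedState)
+
+proctype TCP(chan snd, rcv; int i) {
+pids[i] = _pid;
+CLOSED:
+state[i] = ClosedState;
+do
+/* Passive open */
+:: goto LISTEN;
+/* Active open */
+:: snd ! SYN; goto SYN_SENT;
+/* Terminate */
+:: goto end;
+od
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? SYN ->
+atomic {
+snd ! SYN;
+snd ! ACK;
+goto SYN_RECEIVED;
+}
+/* Simultaneous LISTEN */
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED;
+od
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? SYN;
+if
+/* Standard behavior */
+:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
+/* Simultaneous open */
+:: snd ! ACK; goto SYN_RECEIVED;
+fi
+:: rcv ? ACK;
+do
+:: rcv ? SYN ->
+snd ! ACK;
+goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED; /* Timeout */
+od
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? ACK -> goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+ESTABLISHED:
+state[i] = EstState;
+do
+/* Close - initiator sequence */
+:: snd ! FIN; goto FIN_WAIT_1;
+/* Close - responder sequence */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSE_WAIT;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+/* Simultaneous close */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSING;
+/* Standard close */
+:: rcv ? ACK -> goto FIN_WAIT_2;
+:: rcv ? _ -> skip;
+od
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+do
+:: snd ! FIN; goto LAST_ACK;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? FIN ->
+snd ! ACK;
+goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? ACK -> goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? ACK -> goto CLOSED;
+:: rcv ? _ -> skip;
+od
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+end:
+state[i] = EndState;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+
+/* safety: half-open prevention */
+ltl phi1 {
+always ( leftClosed implies !rightEstablished )
+}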
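Review bot: In LISTEN the branch `:: rcv ? _ -> skip;` sits in the same `do` as `:: rcv ? SYN ->`, and `_` matches every message, so the scheduler is free to discard the very SYN the other branch is waiting for; the same pattern is repeated in every later state, and the inner `do` under `:: rcv ? ACK;` in SYN_SENT and the SYN_RECEIVED loop have no `timeout` exit, so a discarded SYN or ACK can leave both endpoints blocked on empty channels with no way out. If message loss is intended, a comment should say so, because it shapes every liveness property in this directory; if it is not, reading into a variable and matching with an `else` (`:: rcv ? msg -> if :: msg == SYN -> ... :: else -> skip fi`) makes the drop explicit and keeps the matching branch from being skipped. The proctype body is copied verbatim into tcp-phi2.pml through tcp-phi6.pml and tcp.pml under attempt1, so any change has to be made in every copy unless the ltl blocks are split out the way tests/tcp/props already does.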
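--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi2.pml
@@ -0,0 +1,143 @@
+mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+int pids[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+#define EndState -1
+
+#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
+#define leftEstablished (state[0] == EstState)
+#define rightEstablished (state[1] == EstState)
+#define leftClosed (state[0] == ClosedState)
+
+proctype TCP(chan snd, rcv; int i) {
+pids[i] = _pid;
+CLOSED:
+state[i] = ClosedState;
+do
+/* Passive open */
+:: goto LISTEN;
+/* Active open */
+:: snd ! SYN; goto SYN_SENT;
+/* Terminate */
+:: goto end;
+od
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? SYN ->
+atomic {
+snd ! SYN;
+snd ! ACK;
+goto SYN_RECEIVED;
+}
+/* Simultaneous LISTEN */
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED;
+od
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? SYN;
+if
+/* Standard behavior */
+:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
+/* Simultaneous open */
+:: snd ! ACK; goto SYN_RECEIVED;
+fi
+:: rcv ? ACK;
+do
+:: rcv ? SYN ->
+snd ! ACK;
+goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED; /* Timeout */
+od
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? ACK -> goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+ESTABLISHED:
+state[i] = EstState;
+do
+/* Close - initiator sequence */
+:: snd ! FIN; goto FIN_WAIT_1;
+/* Close - responder sequence */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSE_WAIT;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+/* Simultaneous close */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSING;
+/* Standard close */
+:: rcv ? ACK -> goto FIN_WAIT_2;
+:: rcv ? _ -> skip;
+od
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+do
+:: snd ! FIN; goto LAST_ACK;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? FIN ->
+snd ! ACK;
+goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? ACK -> goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? ACK -> goto CLOSED;
+:: rcv ? _ -> skip;
+od
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+end:
+state[i] = EndState;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+
+/* liveness: verifying connection establishment */
+ltl phi2 {
+( (always ( eventually ( state[0] == 1 && state[1] == 2 ) ) )
+implies ( eventually ( state[0] == 4 ) ) )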
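Review bot: The `ltl phi2 {` block is never closed: the section's last line is `implies ( eventually ( state[0] == 4 ) ) )` and the file ends there (143 lines per the header), so Spin will reject the file before checking anything. The formula also spells the states as the literals `1`, `2` and `4` although `ListenState`, `SynSentState` and `EstState` — and the `leftConnecting`/`leftEstablished` macros — are defined above for exactly this use; `( (always (eventually leftConnecting)) implies (eventually leftEstablished) )` followed by `}` keeps the meaning and closes the block.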
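--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi3.pml
@@ -0,0 +1,161 @@
+mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+int pids[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+#define EndState -1
+
+#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
+#define leftEstablished (state[0] == EstState)
+#define rightEstablished (state[1] == EstState)
+#define leftClosed (state[0] == ClosedState)
+
+proctype TCP(chan snd, rcv; int i) {
+pids[i] = _pid;
+CLOSED:
+state[i] = ClosedState;
+do
+/* Passive open */
+:: goto LISTEN;
+/* Active open */
+:: snd ! SYN; goto SYN_SENT;
+/* Terminate */
+:: goto end;
+od
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? SYN ->
+atomic {
+snd ! SYN;
+snd ! ACK;
+goto SYN_RECEIVED;
+}
+/* Simultaneous LISTEN */
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED;
+od
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? SYN;
+if
+/* Standard behavior */
+:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
+/* Simultaneous open */
+:: snd ! ACK; goto SYN_RECEIVED;
+fi
+:: rcv ? ACK;
+do
+:: rcv ? SYN ->
+snd ! ACK;
+goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED; /* Timeout */
+od
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? ACK -> goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+ESTABLISHED:
+state[i] = EstState;
+do
+/* Close - initiator sequence */
+:: snd ! FIN; goto FIN_WAIT_1;
+/* Close - responder sequence */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSE_WAIT;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+/* Simultaneous close */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSING;
+/* Standard close */
+:: rcv ? ACK -> goto FIN_WAIT_2;
+:: rcv ? _ -> skip;
+od
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+do
+:: snd ! FIN; goto LAST_ACK;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? FIN ->
+snd ! ACK;
+goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? ACK -> goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? ACK -> goto CLOSED;
+:: rcv ? _ -> skip;
+od
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+end:
+state[i] = EndState;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+
+/* liveness: no infinite stalls/deadlocks */
+ltl phi3 {
+!(eventually (((always (state[0] == SynSentState)) ||
+(always (state[0] == SynRecState)) ||
+(always (state[0] == EstState)) ||
+(always (state[0] == FinW1State)) ||
+(always (state[0] == CloseWaitState)) ||
+(always (state[0] == FinW2State)) ||
+(always (state[0] == ClosingState)) ||
+(always (state[0] == LastAckState)) ||
+(always (state[0] == TimeWaitState)))
+&&
+((always (state[1] == SynSentState)) ||
+(always (state[1] == SynRecState)) ||
+(always (state[1] == EstState)) ||
+(always (state[1] == FinW1State)) ||
+(always (state[1] == CloseWaitState)) ||
+(always (state[1] == FinW2State)) ||
+(always (state[1] == ClosingState)) ||
+(always (state[1] == LastAckState)) ||
+(always (state[1] == TimeWaitState)))))
+}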
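Review bot: The `&&` between the two per-endpoint groups means phi3 only reports a stall when both endpoints are each frozen in a single state forever; an endpoint that stays in, say, SynRecState while its peer has reached CLOSED or `end` (EndState, which appears in neither list) does not violate the formula, so it is narrower than the "no infinite stalls/deadlocks" comment suggests. A genuine deadlock, with every process blocked, is reported by pan's invalid-end-state check independently of this formula, so the comment could say which of the two the property is meant to cover. If per-endpoint progress is the intent, joining the two groups with `||` instead of `&&` expresses it, though that strengthens the property considerably and should be confirmed with a run before changing it.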
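--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi4.pml
@@ -0,0 +1,150 @@
+mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+int pids[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+#define EndState -1
+
+#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
+#define leftEstablished (state[0] == EstState)
+#define rightEstablished (state[1] == EstState)
+#define leftClosed (state[0] == ClosedState)
+
+proctype TCP(chan snd, rcv; int i) {
+pids[i] = _pid;
+CLOSED:
+state[i] = ClosedState;
+do
+/* Passive open */
+:: goto LISTEN;
+/* Active open */
+:: snd ! SYN; goto SYN_SENT;
+/* Terminate */
+:: goto end;
+od
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? SYN ->
+atomic {
+snd ! SYN;
+snd ! ACK;
+goto SYN_RECEIVED;
+}
+/* Simultaneous LISTEN */
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED;
+od
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? SYN;
+if
+/* Standard behavior */
+:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
+/* Simultaneous open */
+:: snd ! ACK; goto SYN_RECEIVED;
+fi
+:: rcv ? ACK;
+do
+:: rcv ? SYN ->
+snd ! ACK;
+goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED; /* Timeout */
+od
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? ACK -> goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+ESTABLISHED:
+state[i] = EstState;
+do
+/* Close - initiator sequence */
+:: snd ! FIN; goto FIN_WAIT_1;
+/* Close - responder sequence */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSE_WAIT;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+/* Simultaneous close */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSING;
+/* Standard close */
+:: rcv ? ACK -> goto FIN_WAIT_2;
+:: rcv ? _ -> skip;
+od
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+do
+:: snd ! FIN; goto LAST_ACK;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? FIN ->
+snd ! ACK;
+goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? ACK -> goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? ACK -> goto CLOSED;
+:: rcv ? _ -> skip;
+od
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+end:
+state[i] = EndState;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+
+/* liveness: simultanous open */
+ltl phi4 {
+always (
+(state[0] == SynSentState &&
+state[1] == SynSentState)
+
+implies
+
+((eventually state[0] == EstState) &&
+(eventually state[1] == EstState)))
+}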
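Review bot: The committed tcp-phi4.pml.trail indicates this property has a counterexample, but nothing in the file says whether that is the expected outcome; with `:: rcv ? _ -> skip;` and `:: timeout -> goto CLOSED;` available in SYN_SENT an endpoint can discard the peer's SYN or fall back to CLOSED, so the simultaneous-open antecedent does not guarantee that either side reaches EstState — presumably the reason for the trail. Recording that in the header, e.g. `/* liveness: simultaneous open -- expected to fail in this model: SYN_SENT may discard the peer's SYN (rcv ? _) or time out to CLOSED; see tcp-phi4.pml.trail */`, would stop the trail being mistaken for a regression. The existing comment also misspells "simultanous".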
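--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi4.pml.trail
@@ -0,0 +1,157 @@
+-2:2:-2
+-4:-4:-4
+1:0:122
+2:1:114
+3:0:122
+4:1:115
+5:0:122
+6:1:116
+7:0:122
+8:1:117
+9:0:122
+10:3:0
+11:0:122
+12:3:1
+13:0:122
+14:3:2
+15:0:122
+16:3:9
+17:0:122
+18:2:0
+19:0:122
+20:2:1
+21:0:122
+22:2:2
+23:0:122
+24:2:9
+25:0:122
+26:3:17
+27:0:122
+28:3:1
+29:0:122
+30:3:3
+31:0:122
+32:3:22
+33:0:122
+34:2:10
+35:0:122
+36:2:11
+37:2:12
+38:0:122
+39:3:23
+40:0:122
+41:3:24
+42:0:122
+43:3:25
+44:0:122
+45:3:55
+46:0:122
+47:3:56
+48:0:122
+49:3:66
+50:0:122
+51:2:47
+52:0:122
+53:2:48
+54:0:122
+55:2:55
+56:0:122
+57:2:56
+58:0:122
+59:3:67
+60:0:122
+61:3:68
+62:0:122
+63:3:94
+64:0:122
+65:2:66
+66:0:122
+67:2:67
+68:0:122
+69:2:68
+70:0:122
+71:3:95
+72:0:122
+73:3:110
+74:0:122
+75:3:1
+76:0:122
+77:3:2
+78:0:122
+79:2:94
+80:0:122
+81:2:95
+82:0:122
+83:2:110
+84:0:122
+85:2:1
+86:0:122
+87:2:3
+88:0:122
+89:3:9
+90:0:122
+91:3:10
+92:0:122
+93:3:11
+94:3:12
+95:0:122
+96:3:47
+97:0:122
+98:2:22
+99:0:122
+100:2:23
+101:0:122
+102:2:24
+103:0:122
+104:2:25
+105:0:122
+106:3:48
+107:0:122
+108:3:55
+109:0:122
+110:3:56
+111:0:122
+112:2:55
+113:0:122
+114:2:56
+115:0:122
+116:2:66
+117:0:122
+118:3:66
+119:0:122
+120:3:67
+121:0:122
+122:3:68
+123:0:122
+124:2:67
+125:0:122
+126:2:68
+127:0:122
+128:2:94
+129:0:122
+130:3:94
+131:0:122
+132:3:95
+133:0:122
+134:3:110
+135:0:122
+136:3:1
+137:0:122
+138:3:3
+139:0:122
+140:3:22
+141:0:122
+142:2:95
+143:0:122
+144:2:110
+145:0:122
+146:2:1
+147:0:122
+148:2:3
+149:0:122
+150:3:23
+151:0:122
+152:3:27
+153:0:122
+154:2:22
+155:0:119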
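--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi5.pml
@@ -0,0 +1,152 @@
+mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+int pids[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+#define EndState -1
+
+#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
+#define leftEstablished (state[0] == EstState)
+#define rightEstablished (state[1] == EstState)
+#define leftClosed (state[0] == ClosedState)
+
+proctype TCP(chan snd, rcv; int i) {
+pids[i] = _pid;
+CLOSED:
+state[i] = ClosedState;
+do
+/* Passive open */
+:: goto LISTEN;
+/* Active open */
+:: snd ! SYN; goto SYN_SENT;
+/* Terminate */
+:: goto end;
+od
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? SYN ->
+atomic {
+snd ! SYN;
+snd ! ACK;
+goto SYN_RECEIVED;
+}
+/* Simultaneous LISTEN */
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED;
+od
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? SYN;
+if
+/* Standard behavior */
+:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
+/* Simultaneous open */
+:: snd ! ACK; goto SYN_RECEIVED;
+fi
+:: rcv ? ACK;
+do
+:: rcv ? SYN ->
+snd ! ACK;
+goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED; /* Timeout */
+od
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? ACK -> goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+ESTABLISHED:
+state[i] = EstState;
+do
+/* Close - initiator sequence */
+:: snd ! FIN; goto FIN_WAIT_1;
+/* Close - responder sequence */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSE_WAIT;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+/* Simultaneous close */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSING;
+/* Standard close */
+:: rcv ? ACK -> goto FIN_WAIT_2;
+:: rcv ? _ -> skip;
+od
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+do
+:: snd ! FIN; goto LAST_ACK;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? FIN ->
+snd ! ACK;
+goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? ACK -> goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? ACK -> goto CLOSED;
+:: rcv ? _ -> skip;
+od
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+end:
+state[i] = EndState;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+
+/* liveness: SYN_RECEIVED resolution*/
+ltl phi5 {
+always (
+(state[0] == SynRecState)
+implies (
+eventually (
+(state[0] == EstState ||
+state[0] == FinW1State ||
+state[0] == ClosedState)
+)
+)
+)
+}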
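Review bot: The only exit from the SYN_RECEIVED loop is `:: rcv ? ACK -> goto ESTABLISHED;`, so FinW1State and ClosedState can only be reached after passing through EstState and the two extra disjuncts in phi5 add nothing — the formula is equivalent to `always ((state[0] == SynRecState) implies (eventually (state[0] == EstState)))`. If the disjuncts anticipate an abort path (mtype declares ABORT and RST but nothing in the proctype sends or receives them), a comment saying so would save a reader from hunting for a transition that does not exist. Note also that SYN_RECEIVED has no `timeout` branch, so a peer that never sends the ACK leaves this endpoint blocked in SynRecState rather than resolving it, which is worth stating next to the property.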
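--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi6.pml
@@ -0,0 +1,148 @@
+mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+int pids[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+#define EndState -1
+
+#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
+#define leftEstablished (state[0] == EstState)
+#define rightEstablished (state[1] == EstState)
+#define leftClosed (state[0] == ClosedState)
+
+proctype TCP(chan snd, rcv; int i) {
+pids[i] = _pid;
+CLOSED:
+state[i] = ClosedState;
+do
+/* Passive open */
+:: goto LISTEN;
+/* Active open */
+:: snd ! SYN; goto SYN_SENT;
+/* Terminate */
+:: goto end;
+od
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? SYN ->
+atomic {
+snd ! SYN;
+snd ! ACK;
+goto SYN_RECEIVED;
+}
+/* Simultaneous LISTEN */
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED;
+od
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? SYN;
+if
+/* Standard behavior */
+:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
+/* Simultaneous open */
+:: snd ! ACK; goto SYN_RECEIVED;
+fi
+:: rcv ? ACK;
+do
+:: rcv ? SYN ->
+snd ! ACK;
+goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED; /* Timeout */
+od
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? ACK -> goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+ESTABLISHED:
+state[i] = EstState;
+do
+/* Close - initiator sequence */
+:: snd ! FIN; goto FIN_WAIT_1;
+/* Close - responder sequence */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSE_WAIT;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+/* Simultaneous close */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSING;
+/* Standard close */
+:: rcv ? ACK -> goto FIN_WAIT_2;
+:: rcv ? _ -> skip;
+od
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+do
+:: snd ! FIN; goto LAST_ACK;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? FIN ->
+snd ! ACK;
+goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? ACK -> goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? ACK -> goto CLOSED;
+:: rcv ? _ -> skip;
+od
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+end:
+state[i] = EndState;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+
+/* safety: strict closing transitions */
+ltl phi6 {
+always (
+(state[0] == ClosingState)
+implies
+(next (state[0] == ClosingState ||
+state[0] == ClosedState))
+)
+}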
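Review bot: phi6 demands `next (state[0] == ClosingState || state[0] == ClosedState)`, but the model's own transition out of CLOSING is `:: rcv ? ACK -> goto TIME_WAIT;`, which executes `state[i] = TimeWaitState` before CLOSED is ever reached, so the property contradicts the model rather than checking it — the committed tcp-phi6.pml.trail is presumably exactly that step. Either the TIME_WAIT stage is admitted, `(next (state[0] == ClosingState || state[0] == TimeWaitState))`, or the comment explains why the intermediate state is meant to be invisible. Using `next` also requires pan to be built with `-DNXT`, which disables partial-order reduction; phi9 in tests/tcp/props has the same dependency, and a one-line comment beside each formula recording the required flag would save the next person a failed build.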
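--- /dev/null
+++ b/tests/tcp/attempt1/tcp-phi6.pml.trail
@@ -0,0 +1,88 @@
+-2:2:-2
+-4:-4:-4
+1:0:121
+2:1:114
+3:0:121
+4:1:115
+5:0:121
+6:1:116
+7:0:121
+8:1:117
+9:0:121
+10:3:0
+11:0:121
+12:3:1
+13:0:121
+14:3:2
+15:0:121
+16:3:9
+17:0:121
+18:2:0
+19:0:121
+20:2:1
+21:0:121
+22:2:2
+23:0:121
+24:2:9
+25:0:121
+26:3:17
+27:0:121
+28:3:1
+29:0:121
+30:3:3
+31:0:121
+32:3:22
+33:0:121
+34:2:10
+35:0:121
+36:2:11
+37:2:12
+38:0:121
+39:3:23
+40:0:121
+41:3:24
+42:0:121
+43:3:25
+44:0:121
+45:3:55
+46:0:121
+47:3:56
+48:0:121
+49:3:66
+50:0:121
+51:2:47
+52:0:121
+53:2:48
+54:0:121
+55:2:55
+56:0:121
+57:2:56
+58:0:121
+59:3:67
+60:0:121
+61:3:68
+62:0:121
+63:3:94
+64:0:121
+65:2:66
+66:0:121
+67:2:67
+68:0:121
+69:2:68
+70:0:121
+71:3:95
+72:0:121
+73:3:110
+74:0:121
+75:3:1
+76:0:121
+77:3:2
+78:0:121
+79:3:9
+80:0:121
+81:2:94
+82:0:121
+83:2:95
+84:0:119
+85:2:110
+86:0:126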
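--- /dev/null
+++ b/tests/tcp/attempt1/tcp.pml
@@ -0,0 +1,138 @@
+mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+int pids[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+#define EndState -1
+
+#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
+#define leftEstablished (state[0] == EstState)
+#define rightEstablished (state[1] == EstState)
+#define leftClosed (state[0] == ClosedState)
+
+proctype TCP(chan snd, rcv; int i) {
+pids[i] = _pid;
+CLOSED:
+state[i] = ClosedState;
+do
+/* Passive open */
+:: goto LISTEN;
+/* Active open */
+:: snd ! SYN; goto SYN_SENT;
+/* Terminate */
+:: goto end;
+od
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? SYN ->
+atomic {
+snd ! SYN;
+snd ! ACK;
+goto SYN_RECEIVED;
+}
+/* Simultaneous LISTEN */
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED;
+od
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? SYN;
+if
+/* Standard behavior */
+:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
+/* Simultaneous open */
+:: snd ! ACK; goto SYN_RECEIVED;
+fi
+:: rcv ? ACK;
+do
+:: rcv ? SYN ->
+snd ! ACK;
+goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+:: rcv ? _ -> skip;
+:: timeout -> goto CLOSED; /* Timeout */
+od
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? ACK -> goto ESTABLISHED;
+:: rcv ? _ -> skip;
+od
+ESTABLISHED:
+state[i] = EstState;
+do
+/* Close - initiator sequence */
+:: snd ! FIN; goto FIN_WAIT_1;
+/* Close - responder sequence */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSE_WAIT;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+/* Simultaneous close */
+:: rcv ? FIN ->
+snd ! ACK;
+goto CLOSING;
+/* Standard close */
+:: rcv ? ACK -> goto FIN_WAIT_2;
+:: rcv ? _ -> skip;
+od
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+do
+:: snd ! FIN; goto LAST_ACK;
+:: rcv ? _ -> skip;
+od
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? FIN ->
+snd ! ACK;
+goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? ACK -> goto TIME_WAIT;
+:: rcv ? _ -> skip;
+od
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? ACK -> goto CLOSED;
+:: rcv ? _ -> skip;
+od
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+end:
+state[i] = EndState;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}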
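Review bot: Past LISTEN and SYN_SENT none of the state loops (SYN_RECEIVED, ESTABLISHED, FIN_WAIT_1, CLOSE_WAIT, FIN_WAIT_2, CLOSING, LAST_ACK) has a `timeout` branch, while CLOSED offers `:: goto end;`, so once a peer terminates the surviving endpoint can only block on `rcv`; mtype declares ABORT, CLOSE, RST and OPEN but nothing in the proctype sends or receives them, so the abort paths that would normally resolve this are outside the model. That is a legitimate simplification, but the file should say so, e.g. a header comment `/* Scope: three-way open and four-way close using SYN/FIN/ACK only. RST/ABORT and retransmission timers are not modelled, so states after SYN_SENT have no exit if the peer stops responding. */`. `pids[i] = _pid;` is written on the first line of the proctype but never read anywhere in this file; if it exists for trail inspection a short comment saying so would help, otherwise it is dead state that enlarges the state vector.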
BIN
tests/tcp/pan
BIN
tests/tcp/pan
Binary file not shown.
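--- /dev/null
+++ b/tests/tcp/props/phi7.pml
@@ -0,0 +1,9 @@
+/* liveness: simultaneous close resolution */
+ltl phi7 {
+always (
+(state[0] == FinW1State && state[1] == FinW1State)
+implies
+(eventually (state[0] == ClosedState) &&
+eventually (state[1] == ClosedState))
+)
+}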
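Review bot: This file references `state`, `FinW1State` and `ClosedState` without declaring or including them, so it only parses when combined with a model that defines them (presumably tests/tcp/tcp.pml), and nothing in tests/tcp/props says how that combination is done. A one-line comment at the top, e.g. `/* Property file: append to tcp.pml (or #include it) before running spin; not self-contained */`, would make the intended invocation explicit; the same applies to phi8.pml and phi9.pml in this directory.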
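--- /dev/null
+++ b/tests/tcp/props/phi8.pml
@@ -0,0 +1,6 @@
+/* liveness: active close eventually terminates */
+ltl phi8 {
+always (
+(state[0] == FinW1State) implies (eventually (state[0] == ClosedState))
+)
+}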
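Review bot: phi8 subsumes the state[0] half of phi7: phi7's antecedent `state[0] == FinW1State && state[1] == FinW1State` implies phi8's `state[0] == FinW1State`, so whenever phi8 and its state[1] counterpart hold, phi7 follows and can never fail on its own. The comment should record that relationship, e.g. `/* liveness: active close eventually terminates (implies the state[0] half of phi7) */`, so a later reader does not spend time on phi7 as an independent result. If phi7 is kept deliberately as the simultaneous-close special case, saying so in phi7's comment avoids the same question there.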
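--- /dev/null
+++ b/tests/tcp/props/phi9.pml
@@ -0,0 +1,8 @@
+/* safety: handshake cannot be bypassed */
+ltl phi9 {
+always (
+(state[0] == ListenState)
+implies
+!(next (state[0] == EstState))
+)
+}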
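Review bot: In the model this property is paired with, the only ways out of LISTEN are `goto SYN_RECEIVED` after `rcv ? SYN` and `goto CLOSED` on `timeout`, and `state[0]` is written only by process 0 and by `init`, so `!(next (state[0] == EstState))` holds by construction; phi9 is therefore a regression guard on the model's structure rather than a check of the protocol, and the comment should say so, e.g. `/* safety: LISTEN never steps straight to ESTABLISHED (structural guard; a bypass would need a new transition in the model) */`. Because it uses `next`, pan must be built with `-DNXT`, which disables partial-order reduction for that run; recording that requirement beside the formula avoids a failed build for whoever runs the props directory next.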
@@ -1,10 +1,9 @@
|
||||
mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
|
||||
mtype = { SYN, FIN, ACK }
|
||||
|
||||
chan AtoB = [2] of { mtype };
|
||||
chan BtoA = [2] of { mtype };
|
||||
|
||||
int state[2];
|
||||
int pids[2];
|
||||
|
||||
#define ClosedState 0
|
||||
#define ListenState 1
|
||||
@@ -17,127 +16,128 @@ int pids[2];
|
||||
#define ClosingState 8
|
||||
#define LastAckState 9
|
||||
#define TimeWaitState 10
|
||||
#define EndState -1
|
||||
|
||||
#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
|
||||
#define leftEstablished (state[0] == EstState)
|
||||
#define rightEstablished (state[1] == EstState)
|
||||
#define leftClosed (state[0] == ClosedState)
|
||||
|
||||
proctype TCP(chan snd, rcv; int i) {
|
||||
pids[i] = _pid;
|
||||
mtype msg;
|
||||
CLOSED:
|
||||
state[i] = ClosedState;
|
||||
do
|
||||
/* Passive open */
|
||||
:: goto LISTEN;
|
||||
/* Active open */
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
/* Terminate */
|
||||
:: goto end;
|
||||
od
|
||||
state[i] = ClosedState;
|
||||
if
|
||||
:: goto LISTEN;
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
fi;
|
||||
|
||||
LISTEN:
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
atomic {
|
||||
snd ! SYN;
|
||||
snd ! ACK;
|
||||
goto SYN_RECEIVED;
|
||||
}
|
||||
/* Simultaneous LISTEN */
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? SYN;
|
||||
if
|
||||
/* Standard behavior */
|
||||
:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
|
||||
/* Simultaneous open */
|
||||
:: snd ! ACK; goto SYN_RECEIVED;
|
||||
fi
|
||||
:: rcv ? ACK;
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
snd ! ACK;
|
||||
goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED; /* Timeout */
|
||||
od
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
|
||||
:: msg == ACK ->
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_RECEIVED:
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? ACK -> goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
ESTABLISHED:
|
||||
state[i] = EstState;
|
||||
do
|
||||
/* Close - initiator sequence */
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
/* Close - responder sequence */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSE_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = EstState;
|
||||
do
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_1:
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
/* Simultaneous close */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSING;
|
||||
/* Standard close */
|
||||
:: rcv ? ACK -> goto FIN_WAIT_2;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
do
|
||||
:: snd ! FIN; goto LAST_ACK;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSING;
|
||||
:: msg == ACK -> goto FIN_WAIT_2;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_2:
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSING:
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? ACK -> goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
snd ! FIN; goto LAST_ACK;
|
||||
|
||||
LAST_ACK:
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? ACK -> goto CLOSED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto CLOSED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
TIME_WAIT:
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
end:
|
||||
state[i] = EndState;
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
}
|
||||
|
||||
init {
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
atomic {
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
}
|
||||
}
|
||||
|
||||
/* safety: half-open prevention */
|
||||
ltl phi1 {
|
||||
always ( leftClosed implies !rightEstablished )
|
||||
always ( (state[0] == ClosedState) implies !(state[1] == EstState) )
|
||||
}
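Review bot: The `:: timeout -> goto CLOSED;` added to SYN_RECEIVED (and kept in LISTEN and SYN_SENT) is not a retransmission or SYN-backlog timer: in Promela `timeout` holds only when no statement in any process is executable, so a half-open endpoint is torn down only when the whole system is stuck, never while the peer is still making progress. That is presumably why phi1 passes — the CLOSED/ESTABLISHED overlap it guards against can only arise from an abort that fires while the peer is active, which this model never does. If abandoned half-open connections (the SYN-flood case) are in scope, a spontaneous expiry such as `:: skip -> goto CLOSED; /* timer expiry, may fire any time */` over-approximates the real timer and lets pan explore it; otherwise mark the three branches `/* global-quiescence escape, not a timer */` so the limitation is explicit. The `leftClosed`/`rightEstablished` macros defined above are no longer used now that the formula inlines the comparisons; use one or the other.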
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
|
||||
mtype = { SYN, FIN, ACK }
|
||||
|
||||
chan AtoB = [2] of { mtype };
|
||||
chan BtoA = [2] of { mtype };
|
||||
|
||||
int state[2];
|
||||
int pids[2];
|
||||
|
||||
#define ClosedState 0
|
||||
#define ListenState 1
|
||||
@@ -17,127 +16,130 @@ int pids[2];
|
||||
#define ClosingState 8
|
||||
#define LastAckState 9
|
||||
#define TimeWaitState 10
|
||||
#define EndState -1
|
||||
|
||||
#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
|
||||
#define leftEstablished (state[0] == EstState)
|
||||
#define rightEstablished (state[1] == EstState)
|
||||
#define leftClosed (state[0] == ClosedState)
|
||||
|
||||
proctype TCP(chan snd, rcv; int i) {
|
||||
pids[i] = _pid;
|
||||
mtype msg;
|
||||
CLOSED:
|
||||
state[i] = ClosedState;
|
||||
do
|
||||
/* Passive open */
|
||||
:: goto LISTEN;
|
||||
/* Active open */
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
/* Terminate */
|
||||
:: goto end;
|
||||
od
|
||||
state[i] = ClosedState;
|
||||
if
|
||||
:: goto LISTEN;
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
fi;
|
||||
|
||||
LISTEN:
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
atomic {
|
||||
snd ! SYN;
|
||||
snd ! ACK;
|
||||
goto SYN_RECEIVED;
|
||||
}
|
||||
/* Simultaneous LISTEN */
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? SYN;
|
||||
if
|
||||
/* Standard behavior */
|
||||
:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
|
||||
/* Simultaneous open */
|
||||
:: snd ! ACK; goto SYN_RECEIVED;
|
||||
fi
|
||||
:: rcv ? ACK;
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
snd ! ACK;
|
||||
goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED; /* Timeout */
|
||||
od
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
|
||||
:: msg == ACK ->
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_RECEIVED:
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? ACK -> goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
ESTABLISHED:
|
||||
state[i] = EstState;
|
||||
do
|
||||
/* Close - initiator sequence */
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
/* Close - responder sequence */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSE_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = EstState;
|
||||
do
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_1:
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
/* Simultaneous close */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSING;
|
||||
/* Standard close */
|
||||
:: rcv ? ACK -> goto FIN_WAIT_2;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
do
|
||||
:: snd ! FIN; goto LAST_ACK;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSING;
|
||||
:: msg == ACK -> goto FIN_WAIT_2;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_2:
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSING:
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? ACK -> goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
snd ! FIN; goto LAST_ACK;
|
||||
|
||||
LAST_ACK:
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? ACK -> goto CLOSED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto CLOSED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
TIME_WAIT:
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
end:
|
||||
state[i] = EndState;
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
}
|
||||
|
||||
init {
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
atomic {
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
}
|
||||
}
|
||||
|
||||
/* liveness: verifying connection establishment */
|
||||
ltl phi2 {
|
||||
( (always ( eventually ( state[0] == 1 && state[1] == 2 ) ) )
|
||||
implies ( eventually ( state[0] == 4 ) ) )
|
||||
}
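Review bot: phi2 compares `state[]` against the literals 1, 2 and 4 although `ListenState`, `SynSentState`, `EstState` and even `leftConnecting`/`leftEstablished` are defined a few lines above; if the state numbering is ever renumbered the property silently checks a different state and still passes. Write it as `( (always (eventually leftConnecting)) implies (eventually leftEstablished) )`. It is also worth a comment that the `always eventually` antecedent is a fairness-style assumption on the scheduler, not a property of the model, so a pass says nothing about runs where the connecting state is visited only finitely often.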
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
|
||||
mtype = { SYN, FIN, ACK }
|
||||
|
||||
chan AtoB = [2] of { mtype };
|
||||
chan BtoA = [2] of { mtype };
|
||||
|
||||
int state[2];
|
||||
int pids[2];
|
||||
|
||||
#define ClosedState 0
|
||||
#define ListenState 1
|
||||
@@ -17,124 +16,126 @@ int pids[2];
|
||||
#define ClosingState 8
|
||||
#define LastAckState 9
|
||||
#define TimeWaitState 10
|
||||
#define EndState -1
|
||||
|
||||
#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
|
||||
#define leftEstablished (state[0] == EstState)
|
||||
#define rightEstablished (state[1] == EstState)
|
||||
#define leftClosed (state[0] == ClosedState)
|
||||
|
||||
proctype TCP(chan snd, rcv; int i) {
|
||||
pids[i] = _pid;
|
||||
mtype msg;
|
||||
CLOSED:
|
||||
state[i] = ClosedState;
|
||||
do
|
||||
/* Passive open */
|
||||
:: goto LISTEN;
|
||||
/* Active open */
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
/* Terminate */
|
||||
:: goto end;
|
||||
od
|
||||
state[i] = ClosedState;
|
||||
if
|
||||
:: goto LISTEN;
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
fi;
|
||||
|
||||
LISTEN:
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
atomic {
|
||||
snd ! SYN;
|
||||
snd ! ACK;
|
||||
goto SYN_RECEIVED;
|
||||
}
|
||||
/* Simultaneous LISTEN */
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? SYN;
|
||||
if
|
||||
/* Standard behavior */
|
||||
:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
|
||||
/* Simultaneous open */
|
||||
:: snd ! ACK; goto SYN_RECEIVED;
|
||||
fi
|
||||
:: rcv ? ACK;
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
snd ! ACK;
|
||||
goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED; /* Timeout */
|
||||
od
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
|
||||
:: msg == ACK ->
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_RECEIVED:
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? ACK -> goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
ESTABLISHED:
|
||||
state[i] = EstState;
|
||||
do
|
||||
/* Close - initiator sequence */
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
/* Close - responder sequence */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSE_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = EstState;
|
||||
do
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_1:
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
/* Simultaneous close */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSING;
|
||||
/* Standard close */
|
||||
:: rcv ? ACK -> goto FIN_WAIT_2;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
do
|
||||
:: snd ! FIN; goto LAST_ACK;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSING;
|
||||
:: msg == ACK -> goto FIN_WAIT_2;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_2:
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSING:
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? ACK -> goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
snd ! FIN; goto LAST_ACK;
|
||||
|
||||
LAST_ACK:
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? ACK -> goto CLOSED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto CLOSED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
TIME_WAIT:
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
end:
|
||||
state[i] = EndState;
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
}
|
||||
|
||||
init {
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
atomic {
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
}
|
||||
}
|
||||
|
||||
/* liveness: no infinite stalls/deadlocks */
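Review bot: The file ends with this comment but contains no `ltl` block, so pan checks nothing beyond its default search here, and a reader cannot tell whether that is intentional. The hunk removes the `end:` label and the `goto end` option, so every process is now expected to run forever and a blocked receive on both sides is reported as an invalid end state — that is a reasonable encoding of deadlock freedom, but it is lost if pan is run with `-E`. Either add the intended formula or replace the comment with one stating that deadlock freedom relies on pan's invalid-end-state check and that stall freedom needs a `progress:` label (e.g. `progress_EST: state[i] = EstState;`) verified with `pan -l`.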
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
|
||||
mtype = { SYN, FIN, ACK }
|
||||
|
||||
chan AtoB = [2] of { mtype };
|
||||
chan BtoA = [2] of { mtype };
|
||||
|
||||
int state[2];
|
||||
int pids[2];
|
||||
|
||||
#define ClosedState 0
|
||||
#define ListenState 1
|
||||
@@ -17,124 +16,126 @@ int pids[2];
|
||||
#define ClosingState 8
|
||||
#define LastAckState 9
|
||||
#define TimeWaitState 10
|
||||
#define EndState -1
|
||||
|
||||
#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
|
||||
#define leftEstablished (state[0] == EstState)
|
||||
#define rightEstablished (state[1] == EstState)
|
||||
#define leftClosed (state[0] == ClosedState)
|
||||
|
||||
proctype TCP(chan snd, rcv; int i) {
|
||||
pids[i] = _pid;
|
||||
mtype msg;
|
||||
CLOSED:
|
||||
state[i] = ClosedState;
|
||||
do
|
||||
/* Passive open */
|
||||
:: goto LISTEN;
|
||||
/* Active open */
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
/* Terminate */
|
||||
:: goto end;
|
||||
od
|
||||
state[i] = ClosedState;
|
||||
if
|
||||
:: goto LISTEN;
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
fi;
|
||||
|
||||
LISTEN:
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
atomic {
|
||||
snd ! SYN;
|
||||
snd ! ACK;
|
||||
goto SYN_RECEIVED;
|
||||
}
|
||||
/* Simultaneous LISTEN */
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? SYN;
|
||||
if
|
||||
/* Standard behavior */
|
||||
:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
|
||||
/* Simultaneous open */
|
||||
:: snd ! ACK; goto SYN_RECEIVED;
|
||||
fi
|
||||
:: rcv ? ACK;
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
snd ! ACK;
|
||||
goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED; /* Timeout */
|
||||
od
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
|
||||
:: msg == ACK ->
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_RECEIVED:
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? ACK -> goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
ESTABLISHED:
|
||||
state[i] = EstState;
|
||||
do
|
||||
/* Close - initiator sequence */
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
/* Close - responder sequence */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSE_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = EstState;
|
||||
do
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_1:
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
/* Simultaneous close */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSING;
|
||||
/* Standard close */
|
||||
:: rcv ? ACK -> goto FIN_WAIT_2;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
do
|
||||
:: snd ! FIN; goto LAST_ACK;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSING;
|
||||
:: msg == ACK -> goto FIN_WAIT_2;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_2:
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSING:
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? ACK -> goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
snd ! FIN; goto LAST_ACK;
|
||||
|
||||
LAST_ACK:
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? ACK -> goto CLOSED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto CLOSED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
TIME_WAIT:
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
end:
|
||||
state[i] = EndState;
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
}
|
||||
|
||||
init {
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
atomic {
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
}
|
||||
}
|
||||
|
||||
/* liveness: simultanous open */
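Review bot: There is no `ltl` block after this comment, so simultaneous open is not actually verified by this file; the comment also misspells "simultaneous". A formula matching the model is `ltl phi4 { always ((state[0] == SynSentState && state[1] == SynSentState) implies (eventually (state[0] == EstState) && eventually (state[1] == EstState))) }` — keep the two `eventually` clauses separate, because an endpoint may send FIN and leave ESTABLISHED before the peer arrives there, so requiring both in EstState at the same instant would fail spuriously. As with the other liveness claims, run pan with `-a` and consider `-f` if a starving scheduler produces a counterexample.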
|
||||
|
||||
@@ -1,157 +1,192 @@
|
||||
-2:2:-2
|
||||
-4:-4:-4
|
||||
1:0:122
|
||||
2:1:114
|
||||
3:0:122
|
||||
4:1:115
|
||||
5:0:122
|
||||
6:1:116
|
||||
7:0:122
|
||||
8:1:117
|
||||
9:0:122
|
||||
10:3:0
|
||||
11:0:122
|
||||
12:3:1
|
||||
13:0:122
|
||||
14:3:2
|
||||
15:0:122
|
||||
16:3:9
|
||||
17:0:122
|
||||
18:2:0
|
||||
19:0:122
|
||||
20:2:1
|
||||
21:0:122
|
||||
22:2:2
|
||||
23:0:122
|
||||
24:2:9
|
||||
25:0:122
|
||||
26:3:17
|
||||
27:0:122
|
||||
28:3:1
|
||||
29:0:122
|
||||
30:3:3
|
||||
31:0:122
|
||||
32:3:22
|
||||
33:0:122
|
||||
34:2:10
|
||||
35:0:122
|
||||
36:2:11
|
||||
37:2:12
|
||||
38:0:122
|
||||
39:3:23
|
||||
40:0:122
|
||||
41:3:24
|
||||
42:0:122
|
||||
43:3:25
|
||||
44:0:122
|
||||
45:3:55
|
||||
46:0:122
|
||||
47:3:56
|
||||
48:0:122
|
||||
49:3:66
|
||||
50:0:122
|
||||
51:2:47
|
||||
52:0:122
|
||||
53:2:48
|
||||
54:0:122
|
||||
55:2:55
|
||||
56:0:122
|
||||
57:2:56
|
||||
58:0:122
|
||||
59:3:67
|
||||
60:0:122
|
||||
61:3:68
|
||||
62:0:122
|
||||
63:3:94
|
||||
64:0:122
|
||||
65:2:66
|
||||
66:0:122
|
||||
67:2:67
|
||||
68:0:122
|
||||
69:2:68
|
||||
70:0:122
|
||||
71:3:95
|
||||
72:0:122
|
||||
73:3:110
|
||||
74:0:122
|
||||
75:3:1
|
||||
76:0:122
|
||||
77:3:2
|
||||
78:0:122
|
||||
79:2:94
|
||||
80:0:122
|
||||
81:2:95
|
||||
82:0:122
|
||||
83:2:110
|
||||
84:0:122
|
||||
85:2:1
|
||||
86:0:122
|
||||
87:2:3
|
||||
88:0:122
|
||||
89:3:9
|
||||
90:0:122
|
||||
91:3:10
|
||||
92:0:122
|
||||
93:3:11
|
||||
94:3:12
|
||||
95:0:122
|
||||
96:3:47
|
||||
97:0:122
|
||||
98:2:22
|
||||
99:0:122
|
||||
100:2:23
|
||||
101:0:122
|
||||
102:2:24
|
||||
103:0:122
|
||||
104:2:25
|
||||
105:0:122
|
||||
106:3:48
|
||||
107:0:122
|
||||
108:3:55
|
||||
109:0:122
|
||||
110:3:56
|
||||
111:0:122
|
||||
112:2:55
|
||||
113:0:122
|
||||
114:2:56
|
||||
115:0:122
|
||||
116:2:66
|
||||
117:0:122
|
||||
118:3:66
|
||||
119:0:122
|
||||
120:3:67
|
||||
121:0:122
|
||||
122:3:68
|
||||
123:0:122
|
||||
124:2:67
|
||||
125:0:122
|
||||
126:2:68
|
||||
127:0:122
|
||||
128:2:94
|
||||
129:0:122
|
||||
130:3:94
|
||||
131:0:122
|
||||
132:3:95
|
||||
133:0:122
|
||||
134:3:110
|
||||
135:0:122
|
||||
136:3:1
|
||||
137:0:122
|
||||
138:3:3
|
||||
139:0:122
|
||||
140:3:22
|
||||
141:0:122
|
||||
142:2:95
|
||||
143:0:122
|
||||
144:2:110
|
||||
145:0:122
|
||||
146:2:1
|
||||
147:0:122
|
||||
148:2:3
|
||||
149:0:122
|
||||
150:3:23
|
||||
151:0:122
|
||||
152:3:27
|
||||
153:0:122
|
||||
154:2:22
|
||||
155:0:119
|
||||
1:0:139
|
||||
2:1:130
|
||||
3:0:139
|
||||
4:1:131
|
||||
5:0:139
|
||||
6:1:132
|
||||
7:1:133
|
||||
8:0:139
|
||||
9:3:0
|
||||
10:0:139
|
||||
11:3:1
|
||||
12:0:139
|
||||
13:3:6
|
||||
14:0:139
|
||||
15:2:0
|
||||
16:0:139
|
||||
17:2:1
|
||||
18:0:139
|
||||
19:2:6
|
||||
20:0:139
|
||||
21:3:16
|
||||
22:0:139
|
||||
23:3:0
|
||||
24:0:139
|
||||
25:3:2
|
||||
26:0:139
|
||||
27:3:21
|
||||
28:0:139
|
||||
29:2:7
|
||||
30:0:139
|
||||
31:2:8
|
||||
32:0:139
|
||||
33:2:9
|
||||
34:0:139
|
||||
35:3:22
|
||||
36:0:139
|
||||
37:3:23
|
||||
38:0:139
|
||||
39:3:24
|
||||
40:0:139
|
||||
41:3:49
|
||||
42:0:139
|
||||
43:2:10
|
||||
44:0:139
|
||||
45:3:50
|
||||
46:0:139
|
||||
47:3:51
|
||||
48:0:139
|
||||
49:3:62
|
||||
50:0:139
|
||||
51:3:63
|
||||
52:0:139
|
||||
53:3:76
|
||||
54:0:139
|
||||
55:2:49
|
||||
56:0:139
|
||||
57:2:50
|
||||
58:0:139
|
||||
59:2:51
|
||||
60:0:139
|
||||
61:2:62
|
||||
62:0:139
|
||||
63:2:63
|
||||
64:0:139
|
||||
65:3:77
|
||||
66:0:139
|
||||
67:3:78
|
||||
68:0:139
|
||||
69:3:79
|
||||
70:0:139
|
||||
71:3:102
|
||||
72:0:139
|
||||
73:2:76
|
||||
74:0:139
|
||||
75:2:77
|
||||
76:0:139
|
||||
77:2:78
|
||||
78:0:139
|
||||
79:2:79
|
||||
80:0:139
|
||||
81:3:103
|
||||
82:0:139
|
||||
83:3:104
|
||||
84:0:139
|
||||
85:3:127
|
||||
86:0:139
|
||||
87:3:0
|
||||
88:0:139
|
||||
89:3:1
|
||||
90:0:139
|
||||
91:2:102
|
||||
92:0:139
|
||||
93:2:103
|
||||
94:0:139
|
||||
95:2:104
|
||||
96:0:139
|
||||
97:2:127
|
||||
98:0:139
|
||||
99:2:0
|
||||
100:0:139
|
||||
101:2:2
|
||||
102:0:139
|
||||
103:3:6
|
||||
104:0:139
|
||||
105:3:7
|
||||
106:0:139
|
||||
107:3:8
|
||||
108:0:139
|
||||
109:3:9
|
||||
110:0:139
|
||||
111:3:10
|
||||
112:0:139
|
||||
113:3:49
|
||||
114:0:139
|
||||
115:2:21
|
||||
116:0:139
|
||||
117:2:22
|
||||
118:0:139
|
||||
119:2:23
|
||||
120:0:139
|
||||
121:2:24
|
||||
122:0:139
|
||||
123:3:50
|
||||
124:0:139
|
||||
125:3:51
|
||||
126:0:139
|
||||
127:3:62
|
||||
128:0:139
|
||||
129:3:63
|
||||
130:0:139
|
||||
131:2:49
|
||||
132:0:139
|
||||
133:2:50
|
||||
134:0:139
|
||||
135:2:51
|
||||
136:0:139
|
||||
137:2:62
|
||||
138:0:139
|
||||
139:2:63
|
||||
140:0:139
|
||||
141:2:76
|
||||
142:0:139
|
||||
143:3:76
|
||||
144:0:139
|
||||
145:3:77
|
||||
146:0:139
|
||||
147:3:78
|
||||
148:0:139
|
||||
149:3:79
|
||||
150:0:139
|
||||
151:2:77
|
||||
152:0:139
|
||||
153:2:78
|
||||
154:0:139
|
||||
155:2:79
|
||||
156:0:139
|
||||
157:2:102
|
||||
158:0:139
|
||||
159:3:102
|
||||
160:0:139
|
||||
161:3:103
|
||||
162:0:139
|
||||
163:3:104
|
||||
164:0:139
|
||||
165:3:127
|
||||
166:0:139
|
||||
167:3:0
|
||||
168:0:139
|
||||
169:3:2
|
||||
170:0:139
|
||||
171:3:21
|
||||
172:0:139
|
||||
173:2:103
|
||||
174:0:139
|
||||
175:2:104
|
||||
176:0:139
|
||||
177:2:127
|
||||
178:0:139
|
||||
179:2:0
|
||||
180:0:139
|
||||
181:2:2
|
||||
182:0:139
|
||||
183:3:22
|
||||
184:0:139
|
||||
185:3:23
|
||||
186:0:139
|
||||
187:3:24
|
||||
188:0:139
|
||||
189:2:21
|
||||
190:0:136
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
|
||||
mtype = { SYN, FIN, ACK }
|
||||
|
||||
chan AtoB = [2] of { mtype };
|
||||
chan BtoA = [2] of { mtype };
|
||||
|
||||
int state[2];
|
||||
int pids[2];
|
||||
|
||||
#define ClosedState 0
|
||||
#define ListenState 1
|
||||
@@ -17,124 +16,126 @@ int pids[2];
|
||||
#define ClosingState 8
|
||||
#define LastAckState 9
|
||||
#define TimeWaitState 10
|
||||
#define EndState -1
|
||||
|
||||
#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
|
||||
#define leftEstablished (state[0] == EstState)
|
||||
#define rightEstablished (state[1] == EstState)
|
||||
#define leftClosed (state[0] == ClosedState)
|
||||
|
||||
proctype TCP(chan snd, rcv; int i) {
|
||||
pids[i] = _pid;
|
||||
mtype msg;
|
||||
CLOSED:
|
||||
state[i] = ClosedState;
|
||||
do
|
||||
/* Passive open */
|
||||
:: goto LISTEN;
|
||||
/* Active open */
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
/* Terminate */
|
||||
:: goto end;
|
||||
od
|
||||
state[i] = ClosedState;
|
||||
if
|
||||
:: goto LISTEN;
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
fi;
|
||||
|
||||
LISTEN:
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
atomic {
|
||||
snd ! SYN;
|
||||
snd ! ACK;
|
||||
goto SYN_RECEIVED;
|
||||
}
|
||||
/* Simultaneous LISTEN */
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? SYN;
|
||||
if
|
||||
/* Standard behavior */
|
||||
:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
|
||||
/* Simultaneous open */
|
||||
:: snd ! ACK; goto SYN_RECEIVED;
|
||||
fi
|
||||
:: rcv ? ACK;
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
snd ! ACK;
|
||||
goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED; /* Timeout */
|
||||
od
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
|
||||
:: msg == ACK ->
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_RECEIVED:
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? ACK -> goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
ESTABLISHED:
|
||||
state[i] = EstState;
|
||||
do
|
||||
/* Close - initiator sequence */
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
/* Close - responder sequence */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSE_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = EstState;
|
||||
do
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_1:
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
/* Simultaneous close */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSING;
|
||||
/* Standard close */
|
||||
:: rcv ? ACK -> goto FIN_WAIT_2;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
do
|
||||
:: snd ! FIN; goto LAST_ACK;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSING;
|
||||
:: msg == ACK -> goto FIN_WAIT_2;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_2:
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSING:
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? ACK -> goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
snd ! FIN; goto LAST_ACK;
|
||||
|
||||
LAST_ACK:
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? ACK -> goto CLOSED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto CLOSED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
TIME_WAIT:
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
end:
|
||||
state[i] = EndState;
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
}
|
||||
|
||||
init {
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
atomic {
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
}
|
||||
}
|
||||
|
||||
/* liveness: SYN_RECEIVED resolution*/
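Review bot: No `ltl` block follows this comment, so SYN_RECEIVED resolution is described but not checked. The hunk adds `:: timeout -> goto CLOSED;` to SYN_RECEIVED, which makes CLOSED a legitimate outcome alongside ESTABLISHED, so the property has to admit both: `ltl phi5 { always ((state[0] == SynRecState) implies (eventually (state[0] == EstState || state[0] == ClosedState))) }`. If the model is meant to be symmetric, either state it for `state[1]` as well or note that endpoint 0 stands for both. The `msg == ACK` branch in SYN_SENT also looks unreachable with FIFO channels, since every peer path sends SYN before ACK; pan's "unreached in proctype TCP" report will confirm, and the branch should then be removed or its intended reordering documented.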
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
|
||||
mtype = { SYN, FIN, ACK }
|
||||
|
||||
chan AtoB = [2] of { mtype };
|
||||
chan BtoA = [2] of { mtype };
|
||||
|
||||
int state[2];
|
||||
int pids[2];
|
||||
|
||||
#define ClosedState 0
|
||||
#define ListenState 1
|
||||
@@ -17,124 +16,126 @@ int pids[2];
|
||||
#define ClosingState 8
|
||||
#define LastAckState 9
|
||||
#define TimeWaitState 10
|
||||
#define EndState -1
|
||||
|
||||
#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
|
||||
#define leftEstablished (state[0] == EstState)
|
||||
#define rightEstablished (state[1] == EstState)
|
||||
#define leftClosed (state[0] == ClosedState)
|
||||
|
||||
proctype TCP(chan snd, rcv; int i) {
|
||||
pids[i] = _pid;
|
||||
mtype msg;
|
||||
CLOSED:
|
||||
state[i] = ClosedState;
|
||||
do
|
||||
/* Passive open */
|
||||
:: goto LISTEN;
|
||||
/* Active open */
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
/* Terminate */
|
||||
:: goto end;
|
||||
od
|
||||
state[i] = ClosedState;
|
||||
if
|
||||
:: goto LISTEN;
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
fi;
|
||||
|
||||
LISTEN:
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
atomic {
|
||||
snd ! SYN;
|
||||
snd ! ACK;
|
||||
goto SYN_RECEIVED;
|
||||
}
|
||||
/* Simultaneous LISTEN */
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? SYN;
|
||||
if
|
||||
/* Standard behavior */
|
||||
:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
|
||||
/* Simultaneous open */
|
||||
:: snd ! ACK; goto SYN_RECEIVED;
|
||||
fi
|
||||
:: rcv ? ACK;
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
snd ! ACK;
|
||||
goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED; /* Timeout */
|
||||
od
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
|
||||
:: msg == ACK ->
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_RECEIVED:
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? ACK -> goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
ESTABLISHED:
|
||||
state[i] = EstState;
|
||||
do
|
||||
/* Close - initiator sequence */
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
/* Close - responder sequence */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSE_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = EstState;
|
||||
do
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_1:
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
/* Simultaneous close */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSING;
|
||||
/* Standard close */
|
||||
:: rcv ? ACK -> goto FIN_WAIT_2;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
do
|
||||
:: snd ! FIN; goto LAST_ACK;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSING;
|
||||
:: msg == ACK -> goto FIN_WAIT_2;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_2:
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSING:
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? ACK -> goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
snd ! FIN; goto LAST_ACK;
|
||||
|
||||
LAST_ACK:
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? ACK -> goto CLOSED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto CLOSED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
TIME_WAIT:
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
end:
|
||||
state[i] = EndState;
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
}
|
||||
|
||||
init {
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
atomic {
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
}
|
||||
}
|
||||
|
||||
/* safety: strict closing transitions */
|
||||
|
||||
@@ -1,88 +1,102 @@
|
||||
-2:2:-2
|
||||
-4:-4:-4
|
||||
1:0:121
|
||||
2:1:114
|
||||
3:0:121
|
||||
4:1:115
|
||||
5:0:121
|
||||
6:1:116
|
||||
7:0:121
|
||||
8:1:117
|
||||
9:0:121
|
||||
10:3:0
|
||||
11:0:121
|
||||
12:3:1
|
||||
13:0:121
|
||||
14:3:2
|
||||
15:0:121
|
||||
16:3:9
|
||||
17:0:121
|
||||
18:2:0
|
||||
19:0:121
|
||||
20:2:1
|
||||
21:0:121
|
||||
22:2:2
|
||||
23:0:121
|
||||
24:2:9
|
||||
25:0:121
|
||||
26:3:17
|
||||
27:0:121
|
||||
28:3:1
|
||||
29:0:121
|
||||
30:3:3
|
||||
31:0:121
|
||||
32:3:22
|
||||
33:0:121
|
||||
34:2:10
|
||||
35:0:121
|
||||
36:2:11
|
||||
37:2:12
|
||||
38:0:121
|
||||
39:3:23
|
||||
40:0:121
|
||||
41:3:24
|
||||
42:0:121
|
||||
43:3:25
|
||||
44:0:121
|
||||
45:3:55
|
||||
46:0:121
|
||||
47:3:56
|
||||
48:0:121
|
||||
49:3:66
|
||||
50:0:121
|
||||
51:2:47
|
||||
52:0:121
|
||||
53:2:48
|
||||
54:0:121
|
||||
55:2:55
|
||||
56:0:121
|
||||
57:2:56
|
||||
58:0:121
|
||||
59:3:67
|
||||
60:0:121
|
||||
61:3:68
|
||||
62:0:121
|
||||
63:3:94
|
||||
64:0:121
|
||||
65:2:66
|
||||
66:0:121
|
||||
67:2:67
|
||||
68:0:121
|
||||
69:2:68
|
||||
70:0:121
|
||||
71:3:95
|
||||
72:0:121
|
||||
73:3:110
|
||||
74:0:121
|
||||
75:3:1
|
||||
76:0:121
|
||||
77:3:2
|
||||
78:0:121
|
||||
79:3:9
|
||||
80:0:121
|
||||
81:2:94
|
||||
82:0:121
|
||||
83:2:95
|
||||
84:0:119
|
||||
85:2:110
|
||||
86:0:126
|
||||
1:0:138
|
||||
2:1:130
|
||||
3:0:138
|
||||
4:1:131
|
||||
5:0:138
|
||||
6:1:132
|
||||
7:1:133
|
||||
8:0:138
|
||||
9:3:0
|
||||
10:0:138
|
||||
11:3:1
|
||||
12:0:138
|
||||
13:3:6
|
||||
14:0:138
|
||||
15:2:0
|
||||
16:0:138
|
||||
17:2:1
|
||||
18:0:138
|
||||
19:2:6
|
||||
20:0:138
|
||||
21:3:16
|
||||
22:0:138
|
||||
23:3:0
|
||||
24:0:138
|
||||
25:3:2
|
||||
26:0:138
|
||||
27:3:21
|
||||
28:0:138
|
||||
29:2:7
|
||||
30:0:138
|
||||
31:2:8
|
||||
32:0:138
|
||||
33:2:9
|
||||
34:0:138
|
||||
35:3:22
|
||||
36:0:138
|
||||
37:3:23
|
||||
38:0:138
|
||||
39:3:24
|
||||
40:0:138
|
||||
41:3:49
|
||||
42:0:138
|
||||
43:2:10
|
||||
44:0:138
|
||||
45:3:50
|
||||
46:0:138
|
||||
47:3:51
|
||||
48:0:138
|
||||
49:3:62
|
||||
50:0:138
|
||||
51:3:63
|
||||
52:0:138
|
||||
53:3:76
|
||||
54:0:138
|
||||
55:2:49
|
||||
56:0:138
|
||||
57:2:50
|
||||
58:0:138
|
||||
59:2:51
|
||||
60:0:138
|
||||
61:2:62
|
||||
62:0:138
|
||||
63:2:63
|
||||
64:0:138
|
||||
65:3:77
|
||||
66:0:138
|
||||
67:3:78
|
||||
68:0:138
|
||||
69:3:79
|
||||
70:0:138
|
||||
71:3:102
|
||||
72:0:138
|
||||
73:2:76
|
||||
74:0:138
|
||||
75:2:77
|
||||
76:0:138
|
||||
77:2:78
|
||||
78:0:138
|
||||
79:2:79
|
||||
80:0:138
|
||||
81:3:103
|
||||
82:0:138
|
||||
83:3:104
|
||||
84:0:138
|
||||
85:3:127
|
||||
86:0:138
|
||||
87:3:0
|
||||
88:0:138
|
||||
89:3:1
|
||||
90:0:138
|
||||
91:3:6
|
||||
92:0:138
|
||||
93:2:102
|
||||
94:0:138
|
||||
95:2:103
|
||||
96:0:138
|
||||
97:2:104
|
||||
98:0:136
|
||||
99:2:127
|
||||
100:0:143
|
||||
|
||||
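--- /dev/null
+++ b/tests/tcp/tcp-phi7.pml
@@ -0,0 +1,149 @@
+mtype = { SYN, FIN, ACK }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+
+proctype TCP(chan snd, rcv; int i) {
+mtype msg;
+CLOSED:
+state[i] = ClosedState;
+if
+:: goto LISTEN;
+:: snd ! SYN; goto SYN_SENT;
+fi;
+
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
+:: msg == ACK ->
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto ESTABLISHED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+ESTABLISHED:
+state[i] = EstState;
+do
+:: snd ! FIN; goto FIN_WAIT_1;
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
+:: else -> skip;
+fi
+od;
+
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto CLOSING;
+:: msg == ACK -> goto FIN_WAIT_2;
+:: else -> skip;
+fi
+od;
+
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
+:: else -> skip;
+fi
+od;
+
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto TIME_WAIT;
+:: else -> skip;
+fi
+od;
+
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+snd ! FIN; goto LAST_ACK;
+
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto CLOSED;
+:: else -> skip;
+fi
+od;
+
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+atomic {
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+}
+
+/* liveness: simultaneous close resolution */
+ltl phi7 {
+always (
+(state[0] == FinW1State && state[1] == FinW1State)
+implies
+(eventually (state[0] == ClosedState) &&
+eventually (state[1] == ClosedState))
+)
+}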
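Review bot: The `msg == ACK` branch of SYN_SENT, together with the nested `do` that then waits for a SYN, appears to be dead code: LISTEN answers a SYN with two separate sends, `snd ! SYN; snd ! ACK`, over a FIFO channel, so the initiator always dequeues the SYN first, takes `msg == SYN -> snd ! ACK; goto SYN_RECEIVED`, and only reaches ESTABLISHED by way of SYN_RECEIVED — the ordinary three-way handshake is indistinguishable from a simultaneous open in this model and the SYN_SENT→ESTABLISHED edge is never exercised. I traced this by hand only, so confirm it with pan's unreached-state listing before relying on it. Carrying the responder's reply as a single `SYNACK` message keeps the two opening paths distinct, which matters for any handshake-bypass property and flattens SYN_SENT to one selection; the rewritten LISTEN and SYN_SENT follow, everything else unchanged.
```promela
mtype = { SYN, SYNACK, FIN, ACK }
/* … unchanged: channels, state array, state defines, proctype header, CLOSED … */
LISTEN:
state[i] = ListenState;
do
:: rcv ? msg ->
if
/* one segment for the responder's reply, so SYN_SENT can tell it from a crossing SYN */
:: msg == SYN -> snd ! SYNACK; goto SYN_RECEIVED;
:: else -> skip;
fi
:: timeout -> goto CLOSED;
od;

SYN_SENT:
state[i] = SynSentState;
do
:: rcv ? msg ->
if
/* standard three-way handshake: our SYN was answered */
:: msg == SYNACK -> snd ! ACK; goto ESTABLISHED;
/* simultaneous open: a bare SYN crossed ours */
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
:: else -> skip;
fi
:: timeout -> goto CLOSED;
od;
/* … unchanged: SYN_RECEIVED onward … */
```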
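--- /dev/null
+++ b/tests/tcp/tcp-phi8.pml
@@ -0,0 +1,146 @@
+mtype = { SYN, FIN, ACK }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+
+proctype TCP(chan snd, rcv; int i) {
+mtype msg;
+CLOSED:
+state[i] = ClosedState;
+if
+:: goto LISTEN;
+:: snd ! SYN; goto SYN_SENT;
+fi;
+
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
+:: msg == ACK ->
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto ESTABLISHED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+ESTABLISHED:
+state[i] = EstState;
+do
+:: snd ! FIN; goto FIN_WAIT_1;
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
+:: else -> skip;
+fi
+od;
+
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto CLOSING;
+:: msg == ACK -> goto FIN_WAIT_2;
+:: else -> skip;
+fi
+od;
+
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
+:: else -> skip;
+fi
+od;
+
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto TIME_WAIT;
+:: else -> skip;
+fi
+od;
+
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+snd ! FIN; goto LAST_ACK;
+
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto CLOSED;
+:: else -> skip;
+fi
+od;
+
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+atomic {
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+}
+
+/* liveness: active close eventually terminates */
+ltl phi8 {
+always (
+(state[0] == FinW1State) implies (eventually (state[0] == ClosedState))
+)
+}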
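Review bot: phi8 holds only because CLOSE_WAIT is modelled as an unconditional `snd ! FIN; goto LAST_ACK;` — the passive side never lingers half-closed — while FIN_WAIT_2 has no `timeout` branch at all, so an active closer whose peer kept the half-open connection would sit in FIN_WAIT_2 forever; that is the FIN_WAIT_2 exhaustion case real stacks bound with a timer, and this model cannot observe it. Either document the assumption above CLOSE_WAIT, e.g. `/* the application is assumed to close immediately on CLOSE_WAIT; a lingering half-close is not modelled */`, or add a delayed-close alternative in CLOSE_WAIT plus a `:: timeout -> goto CLOSED;` in FIN_WAIT_2 and re-run phi8 against that. Also note that `timeout` here is Spin's global "no process can move" guard rather than a per-endpoint retransmission timer — it fires only when the peer is blocked too — which deserves a comment at its first use in LISTEN. The property covers endpoint 0 only even though init starts the symmetric proctype on both sides; a `state[1]` counterpart would cover the responder closing actively.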
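--- /dev/null
+++ b/tests/tcp/tcp-phi9.pml
@@ -0,0 +1,148 @@
+mtype = { SYN, FIN, ACK }
+
+chan AtoB = [2] of { mtype };
+chan BtoA = [2] of { mtype };
+
+int state[2];
+
+#define ClosedState 0
+#define ListenState 1
+#define SynSentState 2
+#define SynRecState 3
+#define EstState 4
+#define FinW1State 5
+#define CloseWaitState 6
+#define FinW2State 7
+#define ClosingState 8
+#define LastAckState 9
+#define TimeWaitState 10
+
+proctype TCP(chan snd, rcv; int i) {
+mtype msg;
+CLOSED:
+state[i] = ClosedState;
+if
+:: goto LISTEN;
+:: snd ! SYN; goto SYN_SENT;
+fi;
+
+LISTEN:
+state[i] = ListenState;
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+SYN_SENT:
+state[i] = SynSentState;
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
+:: msg == ACK ->
+do
+:: rcv ? msg ->
+if
+:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+SYN_RECEIVED:
+state[i] = SynRecState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto ESTABLISHED;
+:: else -> skip;
+fi
+:: timeout -> goto CLOSED;
+od;
+
+ESTABLISHED:
+state[i] = EstState;
+do
+:: snd ! FIN; goto FIN_WAIT_1;
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
+:: else -> skip;
+fi
+od;
+
+FIN_WAIT_1:
+state[i] = FinW1State;
+do
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto CLOSING;
+:: msg == ACK -> goto FIN_WAIT_2;
+:: else -> skip;
+fi
+od;
+
+FIN_WAIT_2:
+state[i] = FinW2State;
+do
+:: rcv ? msg ->
+if
+:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
+:: else -> skip;
+fi
+od;
+
+CLOSING:
+state[i] = ClosingState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto TIME_WAIT;
+:: else -> skip;
+fi
+od;
+
+CLOSE_WAIT:
+state[i] = CloseWaitState;
+snd ! FIN; goto LAST_ACK;
+
+LAST_ACK:
+state[i] = LastAckState;
+do
+:: rcv ? msg ->
+if
+:: msg == ACK -> goto CLOSED;
+:: else -> skip;
+fi
+od;
+
+TIME_WAIT:
+state[i] = TimeWaitState;
+goto CLOSED;
+}
+
+init {
+state[0] = ClosedState;
+state[1] = ClosedState;
+atomic {
+run TCP(AtoB, BtoA, 0);
+run TCP(BtoA, AtoB, 1);
+}
+}
+
+/* safety: handshake cannot be bypassed */
+ltl phi9 {
+always (
+(state[0] == ListenState)
+implies
+!(next (state[0] == EstState))
+)
+}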
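Review bot: phi9 cannot fail by construction, so it does not establish that the handshake is enforced: `next` looks exactly one global transition ahead, and every route to ESTABLISHED passes through the SYN_RECEIVED label whose first statement is `state[i] = SynRecState`, so `state[0]` can never move from ListenState to EstState in a single step — replacing the `msg == ACK` guard in SYN_RECEIVED with an unconditional `goto ESTABLISHED` would leave phi9 satisfied. Note also that Spin accepts the `next` operator only when pan is built with `-DNXT`, and since a formula with `next` is not stutter-invariant, partial-order reduction has to be disabled for the verdict to be sound. A property that actually pins the handshake needs a ghost variable recording that the completing ACK was consumed; the sketch below adds `acked[i]`, cleared in CLOSED and set on the two transitions that enter ESTABLISHED, and restates phi9 over it.
```promela
bit acked[2];   /* ghost: 1 once endpoint i has consumed the ACK that completes its handshake */
/* … unchanged: channels, state array, state defines, proctype header … */
CLOSED:
state[i] = ClosedState;
acked[i] = 0;
/* … unchanged: LISTEN, outer SYN_SENT selection … */
:: msg == SYN -> acked[i] = 1; snd ! ACK; goto ESTABLISHED;   /* SYN_SENT, nested ACK loop */
/* … unchanged … */
:: msg == ACK -> acked[i] = 1; goto ESTABLISHED;              /* SYN_RECEIVED */
/* … unchanged: ESTABLISHED onward, init … */
/* safety: handshake cannot be bypassed — ESTABLISHED implies the completing ACK was consumed */
ltl phi9 {
always ((state[0] == EstState) implies acked[0])
}
```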
@@ -1,10 +1,9 @@
|
||||
mtype = { SYN, FIN, ACK, ABORT, CLOSE, RST, OPEN }
|
||||
mtype = { SYN, FIN, ACK }
|
||||
|
||||
chan AtoB = [2] of { mtype };
|
||||
chan BtoA = [2] of { mtype };
|
||||
|
||||
int state[2];
|
||||
int pids[2];
|
||||
|
||||
#define ClosedState 0
|
||||
#define ListenState 1
|
||||
@@ -17,122 +16,124 @@ int pids[2];
|
||||
#define ClosingState 8
|
||||
#define LastAckState 9
|
||||
#define TimeWaitState 10
|
||||
#define EndState -1
|
||||
|
||||
#define leftConnecting (state[0] == ListenState && state[1] == SynSentState)
|
||||
#define leftEstablished (state[0] == EstState)
|
||||
#define rightEstablished (state[1] == EstState)
|
||||
#define leftClosed (state[0] == ClosedState)
|
||||
|
||||
proctype TCP(chan snd, rcv; int i) {
|
||||
pids[i] = _pid;
|
||||
mtype msg;
|
||||
CLOSED:
|
||||
state[i] = ClosedState;
|
||||
do
|
||||
/* Passive open */
|
||||
:: goto LISTEN;
|
||||
/* Active open */
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
/* Terminate */
|
||||
:: goto end;
|
||||
od
|
||||
state[i] = ClosedState;
|
||||
if
|
||||
:: goto LISTEN;
|
||||
:: snd ! SYN; goto SYN_SENT;
|
||||
fi;
|
||||
|
||||
LISTEN:
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
atomic {
|
||||
snd ! SYN;
|
||||
snd ! ACK;
|
||||
goto SYN_RECEIVED;
|
||||
}
|
||||
/* Simultaneous LISTEN */
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? SYN;
|
||||
if
|
||||
/* Standard behavior */
|
||||
:: rcv ? ACK -> snd ! ACK; goto ESTABLISHED;
|
||||
/* Simultaneous open */
|
||||
:: snd ! ACK; goto SYN_RECEIVED;
|
||||
fi
|
||||
:: rcv ? ACK;
|
||||
state[i] = ListenState;
|
||||
do
|
||||
:: rcv ? SYN ->
|
||||
snd ! ACK;
|
||||
goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
:: rcv ? _ -> skip;
|
||||
:: timeout -> goto CLOSED; /* Timeout */
|
||||
od
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! SYN; snd ! ACK; goto SYN_RECEIVED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_SENT:
|
||||
state[i] = SynSentState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto SYN_RECEIVED;
|
||||
:: msg == ACK ->
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == SYN -> snd ! ACK; goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
SYN_RECEIVED:
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? ACK -> goto ESTABLISHED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = SynRecState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto ESTABLISHED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
:: timeout -> goto CLOSED;
|
||||
od;
|
||||
|
||||
ESTABLISHED:
|
||||
state[i] = EstState;
|
||||
do
|
||||
/* Close - initiator sequence */
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
/* Close - responder sequence */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSE_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = EstState;
|
||||
do
|
||||
:: snd ! FIN; goto FIN_WAIT_1;
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSE_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_1:
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
/* Simultaneous close */
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto CLOSING;
|
||||
/* Standard close */
|
||||
:: rcv ? ACK -> goto FIN_WAIT_2;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
do
|
||||
:: snd ! FIN; goto LAST_ACK;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW1State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto CLOSING;
|
||||
:: msg == ACK -> goto FIN_WAIT_2;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
FIN_WAIT_2:
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? FIN ->
|
||||
snd ! ACK;
|
||||
goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = FinW2State;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == FIN -> snd ! ACK; goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSING:
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? ACK -> goto TIME_WAIT;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = ClosingState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto TIME_WAIT;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
CLOSE_WAIT:
|
||||
state[i] = CloseWaitState;
|
||||
snd ! FIN; goto LAST_ACK;
|
||||
|
||||
LAST_ACK:
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? ACK -> goto CLOSED;
|
||||
:: rcv ? _ -> skip;
|
||||
od
|
||||
state[i] = LastAckState;
|
||||
do
|
||||
:: rcv ? msg ->
|
||||
if
|
||||
:: msg == ACK -> goto CLOSED;
|
||||
:: else -> skip;
|
||||
fi
|
||||
od;
|
||||
|
||||
TIME_WAIT:
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
end:
|
||||
state[i] = EndState;
|
||||
state[i] = TimeWaitState;
|
||||
goto CLOSED;
|
||||
}
|
||||
|
||||
init {
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
state[0] = ClosedState;
|
||||
state[1] = ClosedState;
|
||||
atomic {
|
||||
run TCP(AtoB, BtoA, 0);
|
||||
run TCP(BtoA, AtoB, 1);
|
||||
}
|
||||
}
|
||||
|
||||